BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +5228 more potentially affected by unknown CVE via hyper (>=0.0.1 <=0.14.11)

hyper CARGO version =0.0.1, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.7-alpha.3, =0.2.0-alpha.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0022...

a2 (>=0.3.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +950 more potentially affected by unknown CVE via crossbeam-channel (>=0.1.3 <=0.3.9)

crossbeam-channel CARGO version =0.1.3, =0.3.6, =0.4.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0019...

Moderate: rust-toolset:rhel8 security, bug fix, and enhancement update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. The following packages have been upgraded to a later upstream version: rust 1.58.0. BZ2002883 Security Fixes: rust: Race condition in removedirall leading to...

ALSA-2022:1894 Moderate: rust-toolset:rhel8 security, bug fix, and enhancement update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. The following packages have been upgraded to a later upstream version: rust 1.58.0. BZ2002883 Security Fixes: rust: Race condition in removedirall leading to...

RLSA-2022:1894 Moderate: rust-toolset:rhel8 security, bug fix, and enhancement update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. The following packages have been upgraded to a later upstream version: rust 1.58.0. BZ2002883 Security Fixes: rust: Race condition in removedirall leading to...

rust-toolset:rhel8 security, bug fix, and enhancement update

An update is available for rust-toolset, rust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rust Toolset provides the Rust programming language compiler rustc...

CentOS 8 : rust-toolset:rhel8 (CESA-2022:1894)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:1894 advisory. - rust: Race condition in removedirall leading to removal of files outside of the directory being removed CVE-2022-21658 Note that Nessus has not tested for thi...

roaring-landmask (=0.4.0) potentially affected by CVE-2022-1343 via openssl-src (=300.0.0+3.0.0)

openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2022-1343 Source advisory: OSV:RUSTSEC-2022-0027...

Bore - Simple CLI Tool For Making Tunnels To Localhost

A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That's all it does: no more, and no less. Installation requires Rust cargo install bore-cli On your local machine bore local 8000 --to bore.pub This will expose your local...

FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide

The U.S. Federal Bureau of Investigation FBI is sounding the alarm on the BlackCat ransomware-as-a-service RaaS, which it said victimized at least 60 entities worldwide between as of March 2022 since its emergence last November. Also called ALPHV and Noberus, the malware is notable for being the...

acmev02 (=0.1.0), adventure-rusoto-ecs (=0.4.0) +410 more potentially affected by unknown CVE via rusoto_credential (>=0.41.1 <=0.48.0)

rusotocredential CARGO version =0.41.1, =0.3.5, =0.1.5, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.3.0 - aws-instance =0.1.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0071...

Denial Of Service (DoS)

crossbeam-utils is vulnerable to firefox:devel. It provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of...

SWHKD has unspecified vulnerabilities

SWHKD is a hotkey daemon made with Rust that is independent of the display protocol. SWHKD has security vulnerabilities that can be exploited by attackers to perform arbitrary file presence tests with the -c option...

SWHKD has unspecified vulnerabilities (CNVD-2022-36045)

SWHKD is a display protocol-independent hotkey daemon made in Rust. SWHKD has a security vulnerability that stems from keyboard events using an unintended user, which can be exploited by an attacker to cause information disclosure, but is usually a denial of functionality...

SWHKD 安全漏洞

SWHKD is a hotkey daemon made with Rust that is independent of the display protocol. SWHKD has security vulnerabilities that can be exploited by attackers to perform arbitrary file presence tests with the -c option...

SWHKD 安全漏洞

SWHKD is a display protocol-independent hotkey daemon made in Rust. SWHKD has a security vulnerability that stems from keyboard events using an unintended user, which can be exploited by an attacker to cause information disclosure, but is usually a denial of functionality...

ably (=0.1.0), acid-store (>=0.1.0 <=0.13.0) +417 more potentially affected by unknown CVE via rmp-serde (>=0.14.4 <=0.15.5)

rmp-serde CARGO version =0.14.4, =0.1.0, =0.4.3, =0.1.0, =0.8.0, =0.0.1, =0.0.2, =1.1.0, =1.0.1, =0.2.0, =0.3.0 - algonautcore =0.3.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0092...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

ROS-20220412-03

Vulnerability in Mozilla Thunderbird email client, related to a memory freeing error when processing HTML content after the VR process is destroyed. Exploitation of the vulnerability could allow an attacker, acting remotely, create a specially crafted web page, trick the victim into opening it,...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...